I am facing issue in creating SSL certification

I am trying to create a new ssl certificate for one of my website using lets encrypt but I am getting an error.

Error : Fetching http://workbook.benefitscliffs.org/.well-known/acme-challenge/n1tOlCgj-Kqvodgso1biDbYZPINglGM77irk-Wm0sfg: Connection refused

So my traffic is going to ALB using http protocol but my Load balancer listen only on 443.

So How should i verify my acme-challenge

Anyone can help me for this?

Thank You

1 Like

Then you need to fix that. Best practice is to listen on port 80 anyway, and when obtaining certs from Let's Encrypt using HTTP validation, your site must respond on port 80. It can redirect from there to 443 if desired, but it must respond on port 80.


Your ALB looks to be using a cert from Sectigo which is missing the intermediate chain. So, you need to fix that if you were not already aware.

The problem you describe looks like you are trying to get a cert for HTTPS between your origin server and the ALB.

Instead of trying to get the HTTP Challenge through the LB to your origin you could use the DNS Challenge instead. See these topics for details

If your DNS provider is not supported by Certbot you could consider using the acme.sh ACME Client (see it on github)